Category Archives: Secrecy

Republicans vote to kill your last internet privacy


The Senate voted to kill it, the House will soon pass it, and Trump will sign it.

After all, there’s no corner of your life corporations shouldn’t be able to exploit, right?

Right?

From the New York Times:

Republican senators moved Thursday to dismantle landmark internet privacy protections for consumers in the first decisive strike against telecommunications and technology regulations created during the Obama administration, and a harbinger of further deregulation.

The measure passed in a 50-to-48 vote largely along party lines. The House is expected to mirror the Senate’s action next week, followed by a signature from President Trump.

The move means Verizon, Comcast or AT&T can continue tracking and sharing people’s browsing and app activity without permission, and it alarmed consumer advocates and Democratic lawmakers. They warned that broadband providers have the widest look into Americans’ online habits, and that without the rules, the companies would have more power to collect data on people and sell sensitive information.

“These were the strongest online privacy rules to date, and this vote is a huge step backwards in consumer protection writ large,” said Dallas Harris, a policy fellow for the consumer group Public Knowledge. “The rules asked that when things were sensitive, an internet service provider asked permission first before collecting. That’s not a lot to ask.”

The privacy rules were created in October by the Federal Communications Commission, and the brisk action of Congressional Republicans, just two months into Mr. Trump’s administration, foreshadowed a broader rollback of tech and telecom policies that have drawn the ire of conservative lawmakers and companies like AT&T, Verizon and Charter.

CIA spooks only doing what corporations do


Following up on our previous post; there’s this from New York University’s Brennan Center for Justice:

Don’t say we didn’t warn you about this one: your “smart” TV may be spying on you. Really.

According to classified documents leaked this week, the CIA found a way to hack the microphone on televisions equipped with voice control and send the audio back to headquarters. It can even record in “Fake-Off” mode – when the TV looks like it’s off but isn’t, according to notes on project “Weeping Angel.”

See, this is why we can’t have nice things.

Way back in 2014, we noticed a rather ominous waring in the novella-length privacy policy that came with our new smart TV: “Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party.”

That news was bad enough, creating a big privacy problem thanks to the so-called “third-party doctrine,” a legal artifact of the pre-Internet age. It basically means you don’t have any privacy in the data you send through third parties like Google or Apple – or Samsung. We’re looking at you too, Amazon Echo.

Now, it appears the CIA has found a way to exploit this vulnerability directly. And it’s a safe bet they’re not the only ones.

To be clear, there is a big difference between tapping a phone line, bugging a hotel room, and breaking the internet – or in this case, the Internet of Things. And sometimes a cliché is worth repeating: this may be a means to an end, but it’s a hell of a means.

(Pro tip: You don’t have to connect your smart TV to the internet.)

We would also note that here at esnl, we’ve also covered the privacy threat from your television, and video game controllers as well,

That bottom line is that technology has rendered privacy virtually [pun intended] obsolete.

Chart of the day: How the CIA can spy on you


From Agence France Presse, which reports that the founder of Wikileaks said there more revelations to come, but he’s staying mum till tech companies can see what’s coming:

WikiLeaks founder Julian Assange on Thursday accused the CIA of “devastating incompetence” for failing to protect its hacking secrets and said he would work with tech companies to develop fixes for them.

“This is a historic act of devastating incompetence, to have created such an arsenal and then stored it all in one place,” Assange said.

“It is impossible to keep effective control of cyber weapons… If you build them, eventually you will lose them,” Assange said.

Assange was speaking in a press conference streamed live from Ecuador’s embassy in London, where he has been living as a fugitive from justice since 2012.

He said his anti-secrecy website had “a lot more information” about the Central Intelligence Agency’s hacking operation but would hold off on publishing it until WikiLeaks had spoken to tech manufacturers.

CIA hackers in Germany; when TV watches you


Germans were alarmed when Edward Snowden’s NSA document dump revealed that American spies were eavesdropping on their government more intensely than was the case elsewhere in Europe, and the latest WikiLeaks dump reveals that their compatriots at the CIA may be busy in Germany doing much the same.

And they might be watching them through their big screen TVs.

From Der Spiegel:

WikiLeaks says the CIA has its own cyberwar division and that around 200 experts belonging to the division are able to infiltrate computers around the world using tools specifically developed to steal data. The CIA hackers work at the agency’s headquarters in Langley, Virginia, WikiLeaks says, but adds that the agency maintains at least one base outside of the United States.

The documents indicate that the CIA hacking experts are also active in the U.S. Consulate General in Frankfurt, Germany, the largest American consulate in the world. According to WikiLeaks documents, the consulate grounds also house a Sensitive Compartmented Information Facility, or SCIF, a building that is only accessible to CIA agents and officers from other U.S. intelligence agencies. These digital spies apparently work independently of each other in the facility so as not to blow their cover.

There are apparent references in the documents to trips taken to Frankfurt by these CIA hacking experts, complete with what passes for humor in the intelligence agency: “Flying Lufthansa: Booze is free so enjoy (within reason),” one of the documents reads. There is advice for ensuring privacy in the recommended hotels: “Do not leave anything electronic or sensitive unattended in your room. (Paranoid, yes but better safe than sorry.)”

One of the tools described in the documents, codename “Weeping Angel,” is specifically designed for hacking into Samsung F8000-Series smart televisions. According to the document, CIA agents are able to switch the televisions into “Fake Off,” which fools their owners into thinking it has been switched off. But the hackers are nevertheless able to use the TV’s microphone and webcam for surveillance purposes.

The tragedy of Trump/Big Oil’s war on the EPA


We spent a good many years covering environmental issues, including the role played by corporations and the nation’s largest university system in building on polluted land.

We were first stirred to concern for our impact on the environment in 1962 when we read Rachel Carson’s Silent Spring, the book that inspired the rise of the modern environmental movement in the last half of the 20th Century.

The movement became so significant that a Reoubkican President [and a loathed one at that] created the Environmental Protection Agency,

And while Donald Trump may share a leak paranoia with Agent Orange, he’s anything but Richard Nixon when it comes to the environment.

An agency dismembered

While Trump and many of his appointees called for outright elimination of the EPA, realism set in.

That and the beginning of the death by a thousand cuts, starting with a story from Newsweek written as the initial proposed budget cuts were revealed:

The proposal, sent to the EPA [last week], would cut into grants that support American Indian tribes and energy efficiency initiatives, according to the source, who read the document to Reuters.

State grants for lead cleanup, for example, would be cut 30 percent to $9.8 million. Grants to help native tribes combat pollution would be cut 30 percent to $45.8 million. An EPA climate protection program on cutting emissions of greenhouse gases like methane that contribute to global warming would be cut 70 percent to $29 million.

The proposal would cut funding for the brownfields industrial site cleanup program by 42 percent to $14.7 million. It would also reduce funding for enforcing pollution laws by 11 percent to $153 million.

The budget did not cut state revolving funds for programs, that Congress tapped last year to provide aid to Flint, Michigan, for its lead pollution crisis.

All staff at a research program, called Global Change Research, as well as 37 other programs would be cut under the plan.

As Bloomberg notes:

More than 40 percent of EPA’s budget – about $3.5 billion – is dedicated to state and tribal grants used to pay for staff and support an array of programs, including initiatives that protect drinking water. State clean air and water programs also benefit.

That means the disproportionate burden will fall on states, most of which have Republican-controlled legislatures and chief executives.

So it’s unlikely most states will replace the lost funds, and layoffs will ensue.

Also impacted will be city government, losing both federal funds and monies from the states.

Given that the burdens of pollution fall disproportionately on the poor, life expectancies may decline.

Hey, but he’s makin’ Ahmurka great agin, ain’t he?

Ain’t he?

The latest development: Still more cuts

Needless to say, climate research is involved.

Scientific American puts it i context:

The administration is seeking a nearly 20 percent cut to the National Oceanic and Atmospheric Administration’s budget, including to its satellite division, The Washington Post reported. That includes significant cuts to the National Environmental Satellite, Data and Information Service, which has produced research that disproved the notion of a global warming pause. NOAA’s satellites provide invaluable data on climate change that are used by researchers throughout the world. The NOAA cuts target the Office of Ocean and Atmospheric Research, which conducts the bulk of the agency’s climate research.

That’s on top of proposed reductions to climate research at U.S. EPA, including a 40 percent cut to the Office of Research and Development, which runs much of EPA’s major research. The cuts specify work on climate change, air and water quality, and chemical safety. The Trump administration also has proposed 20 percent staffing reduction at EPA.

More than a dozen federal agencies, including the U.S. Geological Survey, the Interior Department and the Department of Energy, conduct climate research. Further cuts are expected, particularly at NASA, which develops and launches the satellites that provide invaluable information on climate change used throughout the world. President Trump has called global warming a “hoax,” and some congressional Republicans pushing for climate science cuts have falsely claimed that federal scientists are engaged in a massive conspiracy to defraud the American public into thinking that human activity is causing the planet to warm.

About a third of the American economy relies on weather, climate and natural hazard data, said Chris McEntee, president of the American Geophysical Union, the nation’s largest scientific organization. She said much of the federal scientific research and data comes from multiple agencies working together, so cutting one will have a ripple effect.

“It’s not just one agency, it’s a holistic view here, and cutting one piece also has an impact on the whole enterprise of what we get out of science from the federal government that enables us to have the kinds of tools and information we need to protect the infrastructure, to protect lives, to protect public safety, and to give us knowledge and information to make a more effective economy and country,” she said.

After the jump, more cuts, the threats to a massive database and efforts to preserve them, and a case of class war. . . Continue reading

Chart of the day: Who’s reading your messages?


From Wikileaks, the relevant section of a CIA organizational chart organizational revealing the names of the agency departments with the power to hack into every aspect of your life should you come under their ever-watchful gaze:


Implants branch?

Sound the tinfoil hat alarm.

And just so you don’t get confused, here’s their official seal:

And the announcement. . .

Finally, from the announcement Wikileaks made today about their latest remarkable haul of top secret documents:

Today, Tuesday 7 March 2017, WikiLeaks begins its new series of leaks on the U.S. Central Intelligence Agency. Code-named “Vault 7″ by WikiLeaks, it is the largest ever publication of confidential documents on the agency.

The first full part of the series, “Year Zero”, comprises 8,761 documents and files from an isolated, high-security network situated inside the CIA’s Center for Cyber Intelligence in Langley, Virgina. It follows an introductory disclosure last month of CIA targeting French political parties and candidates in the lead up to the 2012 presidential election.

Recently, the CIA lost control of the majority of its hacking arsenal including malware, viruses, trojans, weaponized “zero day” exploits, malware remote control systems and associated documentation. This extraordinary collection, which amounts to more than several hundred million lines of code, gives its possessor the entire hacking capacity of the CIA. The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.

“Year Zero” introduces the scope and direction of the CIA’s global covert hacking program, its malware arsenal and dozens of “zero day” weaponized exploits against a wide range of U.S. and European company products, include Apple’s iPhone, Google’s Android and Microsoft’s Windows and even Samsung TVs, which are turned into covert microphones.

Since 2001 the CIA has gained political and budgetary preeminence over the U.S. National Security Agency (NSA). The CIA found itself building not just its now infamous drone fleet, but a very different type of covert, globe-spanning force — its own substantial fleet of hackers. The agency’s hacking division freed it from having to disclose its often controversial operations to the NSA (its primary bureaucratic rival) in order to draw on the NSA’s hacking capacities.

By the end of 2016, the CIA’s hacking division, which formally falls under the agency’s Center for Cyber Intelligence (CCI), had over 5000 registered users and had produced more than a thousand hacking systems, trojans, viruses, and other “weaponized” malware. Such is the scale of the CIA’s undertaking that by 2016, its hackers had utilized more code than that used to run Facebook. The CIA had created, in effect, its “own NSA” with even less accountability and without publicly answering the question as to whether such a massive budgetary spend on duplicating the capacities of a rival agency could be justified.

In a statement to WikiLeaks the source details policy questions that they say urgently need to be debated in public, including whether the CIA’s hacking capabilities exceed its mandated powers and the problem of public oversight of the agency. The source wishes to initiate a public debate about the security, creation, use, proliferation and democratic control of cyberweapons.

Headline of the day: Say goodbye to privacy


From the New York Times, the latest bombshell from WikiLeaks:

WikiLeaks Files Describe C.I.A. Tools to Break Into Phones

  • The documents describe software tools allegedly used by the C.I.A. to break into phones, computers and TVs.
  • The release said intelligence services managed to bypass encryption on popular messaging services such as Signal, WhatsApp and Telegram.